11 Commits

Author SHA1 Message Date
Duncan Overbruck
57675c7dfc
lib/fetch: fix CVE-2020-7450
https://www.freebsd.org/security/advisories/FreeBSD-SA-20:01.libfetch.asc
2020-01-28 20:29:39 +01:00
Duncaen
3527a1374a lib/fetch: set connect timeout to 300 seconds 2019-06-20 11:32:12 +02:00
Duncaen
9f52a7837f lib/fetch: add happy eyeballs connect algorithm (RFC6555/RFC8305)
Connect to the addresses from `getaddrinfo(3)`,
alternating between address family,
starting with ipv6 and wait `fetchConnDelay`
between each connection attempt.

If a connection is established within the attempts,
use this connection and close all others.

If `connect(3)` returns `ENETUNREACH`, don't attempt more
connections with the failing address family.

If there are no more addresses to attempt,
wait for `fetchConnTimeout` and return the first established
connection.

If no connection was established within the timeouts,
close all sockets and return -1 and set errno to
`ETIMEDOUT`.
2019-04-19 22:58:50 +02:00
Duncaen
30ace44394 lib/fetch: add socks5 support 2016-09-01 00:38:55 +02:00
Juan RP
90eb1d9433 libfetch: merge some features from FreeBSD:
- Supports HTTP/1.1 308 redirect.
- SSLv[23] HTTPS connections are forbidden by default.
- TLS client certificate validation thru OpenSSL.
- Fixes for user/password encoding, misc.
2015-10-24 07:52:30 +02:00
Juan RP
b513a5e15e libfetch: misc cleanups due to nbcompat removal. 2014-12-28 03:34:36 +01:00
Juan RP
68ef66eb51 lib/fetch/fetch.c: CID 62784 (uninitialized pointer read) 2014-10-05 13:10:05 +02:00
Juan RP
44f5fb107e lib/fetch/fetch.c: CID 62738 (unused value) 2014-10-05 12:01:25 +02:00
Juan RP
510c84d3bb libfetch: synchronized with NetBSD's pkgsrc/libfetch, preserving our changes. 2014-06-29 10:29:36 +02:00
Juan RP
5eea259c13 Remove the config.h kludge and override vasprintf detection via HAVE_VASPRINTF. 2014-01-20 18:50:33 +01:00
Juan RP
7aebea684b Implemented support for working with remote repositories.
libfetch from NetBSD's pkgsrc has been imported into lib/fetch, but
the objects are embedded into libxbps. Only a public function to fetch
files has been implemented: xbps_fetch_file().

The library now is built with -fvisibility=hidden by default, and
exported symbols are the ones that use the SYMEXPORT macro.

The code works well enough, but will need many more cleanups.

--HG--
extra : convert_revision : xtraeme%40gmail.com-20091027004600-0lq9aao67lisbzxv
2009-10-27 01:46:00 +01:00